Require Approval for a Group of Users (Wholesale)

[smcfarland]

We sell directly to the public as well as to practitioners. We need a registration page just for wholesale access that will assign the practitioner to a wholesale group and have them default to a pending status for approval/denial.

Basically, we need to verify they are valid businesses and then approve them for access.

Has anyone done this? I couldn't find anything in the forums.

[mazhar]

On the registration page when a new practitioner tries to register by default assign him some group that has not rights and keep him in this state until your verification completes then you can either assign him the proper group or remove the account.
Have a look at the following post, It may help you.
viewtopic.php?f=47&t=8575

[smcfarland]

I saw that and it is not necessarily the same, but it may work... perhaps having the verification link go to the site admin instead of the person registering so that they can click to approve...

Not sure.

[mazhar]

No that is not the exact solution, The reason of redirection to that post was that you can get an idea where you will need to put some custom code.

One solution in your case could be that first you create a group on the admin side for example we say it the PendingUsers. After adding the group check its GroupId from the database.

Now you need to put some code in the registration page, you may have your own page but for now i am considering that we are using the default RegisterDialog control. Now when user or in your case some practitioner will try to register we will create a user for him assign him the PendingUsers group, declare him the disabled user and then just return by showing some suitable message that currently his account is disabled.

For example the code that will do this job in RegisterDialog control is as bellow

Code: Select all

UserGroup userGroup = new UserGroup(newUser.UserId, PendingUsers GroupId);
            newUser.UserGroups.Add(userGroup);
            newUser.IsApproved = false;
            newUser.Save();
            //Some custom message code will be here
return;

You can put this code just below the following statements

Code: Select all

MembershipCreateStatus status;
User newUser = UserDataSource.CreateUser(UserName.Text, Password.Text, string.Empty, string.Empty, true, 0, out status);

Now you can keep track of that which users are in pending state by viewing the users on admin side using Members of Group option. When some user or practitioner completes his verification process you can just edit the user and change his group and declare the account as enabled.

[Brewhaus]

This works for people who sign up prior to ordering, but not for those who register when checking out. It seems that those who register when checking out do not have an account created until after they check out. Is this correct? If so, is there any way to overcome this, as we want some discounts to be offered to all 'retail' level accounts, and if the customer has not pre-registered they will not be part of this group.
Update The issue above is that the customer is not automatically logged in when they create the account. How can we correct this?

Also, using the code above the customer is left at the same screen instead of being taken to the My Account page as they normally are. I understand that this is suitable for the above case, where the customer is not made active immediately upon registering, but for us we would want to carry them through to the My Account page. Is this possible? If not, we could simply create a message that thanks them for registering, and that they can click the My Account link to set up the account, or another link to shop, etc.

[mazhar]

Perhaps you need to use Checkout Page With Login scriptlet for checkout process. This will force that user must be logged in before checking out. There was a problem with Checkout Page With Login in AbleCommerce 7.0. The discussion regarding the problem and its fix is in the following post.
viewtopic.php?f=42&t=6015
So all you need is to apply the proposed fix and use Checkout Page With Login for checkout process.

If you put a redirect to MyAccount page some where in code then you can easily do that job by putting following line of code.

Code: Select all

Response.Redirect("~/Members/MyAccount.aspx");

[Brewhaus]

I looked at the basket and checkout, and gave it some thought. Could we not achieve this far more easily by simply having the Checkout button take the customer to the Login.aspx page, with a return URL of /Checkout/Default.aspx? This would force the customer to log in, and forward them to the /Checkout/Default.aspx page as soon as they log in.

And, is there a way to distinguish if a customer is already logged in, and bypass the login screen?

[kastnerd]

i would like for wholesale users to go to mysite.com/wholesale.aspx And register, but i would like to force them to enter in there address information. Normally able dose not ask for address until you place an order.

[mazhar]

I looked at the basket and checkout, and gave it some thought. Could we not achieve this far more easily by simply having the Checkout button take the customer to the Login.aspx page, with a return URL of /Checkout/Default.aspx? This would force the customer to log in, and forward them to the /Checkout/Default.aspx page as soon as they log in.

And, is there a way to distinguish if a customer is already logged in, and bypass the login screen?

Give a try and edit the Website/Checkout/web.config file and add a new location tag in its as below

Code: Select all

 <location path="Default.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>

For example if you haven't any change in the default Website/Checkout/web.config file then it will be as below

Code: Select all

<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration>
  <location path="ShipAddresses.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
  <location path="Default.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
</configuration>

[mazhar]

i would like for wholesale users to go to mysite.com/wholesale.aspx And register, but i would like to force them to enter in there address information. Normally able dose not ask for address until you place an order.

Please have a look at the following post
viewtopic.php?f=42&t=7850

[Brewhaus]

The change to the web.config file works perfectly. We tested, and if a customer is already logged in they are taken directly to the checkout (ie. they are not asked to log in, as they already are). If they are a new customer and must register, they are taken to the checkout as soon as they enter their e-mail address and password.

We still have a problem with the code posted to place a customer into a specific group upon registering, though. When we use the code, the customer is registered and added to the correct group, but when they click the 'register' button they remain at the same screen instead of being directed to the checkout. How can we fix this?

[mazhar]

Try to redirect the user to desired page by using Response.Redirect statement just after the custom code. it would be something like

Code: Select all

Response.Redirect("Checkout/Default.aspx");

[Brewhaus]

I am still getting the exact same result (no redirect at all- when you click the register button you stay at the same page).

The site that we are testing on is http://www.theflamingchicken.com (if you are able to take a look and see where the problem lies). Here is the code that is being used:

Code: Select all

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Collections.Generic;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using CommerceBuilder.Common;
using CommerceBuilder.Users;
using CommerceBuilder.Utility;

public partial class ConLib_RegisterDialog : System.Web.UI.UserControl
{
    protected void Page_Init(object sender, EventArgs e)
    {
        //SET VALIDATION EXPRESSION
        EmailValidator.ValidationExpression = ValidationHelper.EmailRegex;
    }

    protected void Page_Load(object sender, EventArgs e)
    {
        PageHelper.ConvertEnterToTab(UserName);
        PageHelper.ConvertEnterToTab(Password);
        PageHelper.SetDefaultButton(ConfirmPassword, RegisterButton.ClientID);
        ShowPasswordPolicy();
    }

    protected void RegisterButton_Click(object sender, EventArgs e)
    {
        if (Page.IsValid && ValidatePassword())
        {
            MembershipCreateStatus status;
            User newUser = UserDataSource.CreateUser(UserName.Text, Password.Text, string.Empty, string.Empty, true, 0, out status);
UserGroup userGroup = new UserGroup(newUser.UserId, 10);
            newUser.UserGroups.Add(userGroup);
            newUser.IsApproved = true;
            newUser.Save();
            //Some custom message code will be here
return;
            if (status == MembershipCreateStatus.Success)
            {
                if (Membership.ValidateUser(UserName.Text, Password.Text))
                {
                    if (RememberUserName.Checked)
                    {
                        HttpCookie cookie = new HttpCookie("UserName", UserName.Text);
                        cookie.Expires = DateTime.MaxValue;
                        Response.Cookies.Add(cookie);
                        Trace.Write("Added UserName Cookie to Response");
                    }
                    else
                    {
                        Response.Cookies.Add(new HttpCookie("UserName", ""));
                    }
                    //MIGRATE USER IF NEEDED
                    int newUserId = UserDataSource.GetUserId(UserName.Text);
                    if ((Token.Instance.UserId != newUserId) && (newUserId != 0))
                    {
                        User.Migrate(Token.Instance.User, newUser);
                        Token.Instance.UserId = newUserId;
                    }
                    //REDIRECT TO APPROPRIATE PAGE
                    FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
                }
            }
            else
            {
                InvalidRegistration.IsValid = false;
                switch (status)
                {
                    case MembershipCreateStatus.DuplicateUserName:
                    case MembershipCreateStatus.DuplicateEmail:
                        InvalidRegistration.ErrorMessage = "That email address is already registered.  Sign in to access your account.";
                        break;
                    case MembershipCreateStatus.InvalidEmail:
                    case MembershipCreateStatus.InvalidUserName:
                        InvalidRegistration.ErrorMessage = "The email address you provided is not valid.";
                        break;
                    case MembershipCreateStatus.InvalidPassword:
                        InvalidRegistration.ErrorMessage = "The password you provided is not valid.";
                        break;
                    default:
                        InvalidRegistration.ErrorMessage = "Unexpected error in registration (" + status.ToString() + ")";
                        break;
                }
            }
        }
    }

    private bool _PasswordLengthValidatorAdded = false;
    private void ShowPasswordPolicy()
    {
        //SHOW THE PASSWORD POLICY
        CustomerPasswordPolicy policy = new CustomerPasswordPolicy();
        if (policy.MinLength > 0)
        {
            PasswordPolicyLength.Text = string.Format(PasswordPolicyLength.Text, policy.MinLength);
            if (!_PasswordLengthValidatorAdded)
            {
                RegularExpressionValidator PasswordLengthValidator = new RegularExpressionValidator();
                PasswordLengthValidator.ID = "PasswordLengthValidator";
                PasswordLengthValidator.EnableViewState = false;
                PasswordLengthValidator.ControlToValidate = "Password";
                PasswordLengthValidator.Text = "*";
                PasswordLengthValidator.ErrorMessage = "Password must be at least " + policy.MinLength.ToString() + " characters.";
                PasswordLengthValidator.ValidationExpression = ".{" + policy.MinLength.ToString() + ",}";
                PasswordLengthValidator.SetFocusOnError = false;
                PasswordLengthValidator.EnableClientScript = false;
                PasswordLengthValidator.ValidationGroup = "Register";
                PasswordValidatorPanel.Controls.Add(PasswordLengthValidator);
                _PasswordLengthValidatorAdded = true;
            }
        }
        else PasswordPolicyLength.Visible = false;
        List<string> requirements = new List<string>();
        if (policy.RequireUpper) requirements.Add("uppercase letter");
        if (policy.RequireLower) requirements.Add("lowercase letter");
        if (policy.RequireNumber) requirements.Add("number");
        if (policy.RequireSymbol) requirements.Add("symbol");
        if (!policy.RequireNumber && !policy.RequireSymbol && policy.RequireNonAlpha) requirements.Add("non-letter");
        PasswordPolicyRequired.Visible = (requirements.Count > 0);
        if (PasswordPolicyRequired.Visible)
        {
            if (requirements.Count > 1) requirements[requirements.Count - 1] = "and " + requirements[requirements.Count - 1];
            PasswordPolicyRequired.Text = string.Format(PasswordPolicyRequired.Text, string.Join(", ", requirements.ToArray()));
        }
    }

    private bool ValidatePassword()
    {
        //VALIDATE PASSWORD POLICY
        CustomerPasswordPolicy policy = new CustomerPasswordPolicy();
        if (!policy.TestPassword(null, Password.Text))
        {
            CustomValidator policyValidator = new CustomValidator();
            policyValidator.ControlToValidate = "Password";
            policyValidator.IsValid = false;
            policyValidator.Text = "*";
            policyValidator.ErrorMessage = "The password does not meet the minimum requirements.";
            policyValidator.SetFocusOnError = false;
            policyValidator.ValidationGroup = "Register";
            PasswordValidatorPanel.Controls.Add(policyValidator);
            return false;
        }
        return true;
    }
}

[Brewhaus]

I did finally get this to work by commenting out the final line of the added code to make it look like this:

Code: Select all

UserGroup userGroup = new UserGroup(newUser.UserId, 11);
            newUser.UserGroups.Add(userGroup);
            newUser.IsApproved = true;
            newUser.Save();
            //Some custom message code will be here
//return;

The one issue that I did find with the added code is that if a customer is already registered, instead of the system telling them that the e-mail address is already registered, we get a runtime error. If we remove the code, everything works fine (the customer is simply told that the e-mail address is already registered). The result is the same even if we do not comment out the return; line.

[AbleMods]

I'm really, really sorry but I have to ask...

"theflamingchicken.com"

Is that an industry term or something?? I've never dove into the home distillery industry so it's an honest question I swear!

[Brewhaus]

Actually, we are just using that domain while we try to get the second site working on the same db as our other site. We have the domain registered for the wing sauce line that we are bringing out, but since it is not active yet, we figured that we could use the domain for this development, and have therefore create the layout to more or less copy the site that we hope to move onto AC.

I believe that the only real hurdle we have left on that is to pull a separate set of featured items, so if you have any ideas on that, please post them on the 'Multiple Able Sites' thread.